23-Feb-2022 18:18 - edited 23-Feb-2022 18:20
Hi, Is there a particular function you would like to know this for? It may help get you to the answer.
Do keep in mind though that the WAF system works on an "all-match" strategy (all components that are active and get matched will be reported), rather than a "first-match" strategy (like a firewall policy).
Obviously, when the blacklist and injection exist at the same time, the blacklist must take effect first, isn't it? Then I believe there is a sequence for the same strategy